1. It is said that UNIX uses access control lists. Does the UNIX model include capabilities as well as access control lists?
2. Suppose a user wishes to edit the file xyzzy in a capability-based system. How can he be sure that the editor cannot access any other file? Could this be done in an ACL-based system? If so, how? If not, why not?